‘Garmin’ Services Are Down, Possibly Due to a Ransomware Attack
- Garmin suffered some kind of a hack, as its servers and customer service has stayed down for many hours now.
- Some rumors mention an attack by the “WastedLocker” ransomware group, which is consistent with the turn of events.
- Users are complaining about the downtime, as their devices have been essentially rendered useless since yesterday.
Garmin users who went for a run yesterday were surprised to see that the “Connect” service on the mobile app was down. As the American navigation products maker explained through Twitter a few hours ago, they are indeed experiencing an outage that affects their app services, website, call centers, email server, chat systems, etc.
Due to the extensive outage, this looks like a typical case of a ransomware attack - although the company hasn’t admitted anything on that part yet. On the contrary, the India-based branch even told people that their servers are down for maintenance.
Dear Garmin Users,
Our servers are currently down for maintenance & it may limit the performances of Garmin Connect Mobile & Website, and Garmin Express. We are trying our best to resolve it asap. We seek your kind understanding & apologise for any inconvenience.
Thank You
— Garmin India (@Garmin_India) July 23, 2020
We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time. (1/2)
— Garmin (@Garmin) July 23, 2020
According to Bleeping Computer, Garmin employees have leaked information about the “WastedLocker” ransomware strain hitting the firm. Symantec researchers have warned about an imminent wave of attacks against multiple American companies a month ago, but maybe Garmin didn’t take note at the time.
If this is indeed what happened, Garmin should be facing demands for many millions of USD right now, so negotiations may be already underway.
Garmin website
In the meantime, Garmin users on Twitter are unfolding their #FirstWorldProblems, complaining about the service being down and not being able to track their sleep cycles or their running sessions. To be fair, Garmin should have an offline mode that allows its smartwatches to communicate with smartphones without needing to pass through the company’s servers at all.
If that were an option, users would still be able to use their Garmin wearables, and maybe the company wouldn’t feel the overwhelming pressure to pay the ransomware actors and have the matter resolved as soon as possible.
But the interruption of services may not be the only problem that Garmin is facing right now - and if WastedLocker hits them, data exfiltration should be considered a fact. Several users report that their activities’ historical data had disappeared from their devices a couple of days ago before the services were taken offline.
Related: “WastedLocker” to Attack Large Corporations in the United States
This is very consistent with ransomware attack patterns, as actors first exfiltrate the data and then lock the target’s systems down. That said, the sensitive personal data of Garmin users may have been compromised.
If you own a Garmin device, don’t panic. First, be patient until the firm resolves the technical problems. Secondly, reset your passwords once you can reaccess the apps. Thirdly, treat any future incoming unsolicited communications with extra care, especially if they claim to come from Garmin, asking you to update your information as a security measure/response to this very incident.